The contemporary society entered a new information-oriented society as a result of constant technical innovation and scientific development, and accordingly, smart work expanded not only to the government and private enterprises of developed countries but also to those of developing countries, and most documents are being managed and sent electronically. Although a business system through electronic documents provides convenience to use, unfortunately, there are also losses caused by the leakage of business information by a third party. In particular, due to hacking techniques that are getting more are more advanced, business information of government agencies and private enterprises can leak out, which may determine the life and death of an organization.
Thus, a protection means is essentially required to prevent the leakage of business information. In order to protect business secrets and prevent the leakage of important business information, conventionally, DRM (Digital Right Management) or DLP (Data Loss Prevention) solution was mainly used as a business security system.
The patent application entitled “Methods for Digital Rights Management” (Korean Patent Laid-Open No. 2008-0064164) of Intertrust Technologies Corporation discloses a method and system relating to a digital rights management engine, which evaluates the license associated with the protected content and determines whether the requested access to the content or other accessibility is authorized. In order to manage digital rights, first, the contents are packaged, and the document is encrypted by attaching a license for controlling the user's access to the corresponding content. If an encrypted document is delivered to the corresponding user, the user can access the document within the accessibility assigned to him/her by decrypting the document. That is, it is a method based on access control and encryption by encrypting and delivering a document and controlling access to a decrypted document according to the user's accessibility. However, the digital right management (DRM) method has a risk that a user who has accessibility to the document can easily access the content any time, and thus the content can be leaked.
The DLP method, which is another business security system, retrieves text by searching the document, determines the security level, and then takes the next measure. Symantec, which is a representative enterprise using the DLP method, states that “Symantec DLP 11 is the only solution in the business which sufficiently satisfies all aspects of discovering (searching for secret documents and personal information), monitoring (tracking use/accessibility), and protecting (taking measures for accident), which are the core functions of the data leakage prevention solution” and that “through more enhanced functions, it can reduce the risk of important data which may affect the business of enterprises being leaked on purpose or by mistake” [IT Daily, 2011]. However, the DLP method which detects leakage of content through search delivers the document in clear text, and thus when the document is leaked, there is a problem that additional clear text can also be leaked. Also, there is a problem that it is weak to hacking from outside because it depends on a search technology based on clear text.
The conventional DRM and DLP methods, which were representatively used for business security, have the above mentioned problems. Also, due to digitalization, the amount of data is increasing, and in particular, according to highly enhanced attacks such as APT, recently there are many cases where information is taken away through encrypting or forging techniques, and thus it has become difficult to prevent leakage of information with the conventional business security system.
In addition, as another phenomenon in the current IT industry, through changes of various equipments, the conventional computer system is now introducing various micro devices after going through mobile equipments such as smart phone and tablet PC, etc. In addition to the representative i Watch of Apple, and Google Glasses of Google, various micro devices are entering the market including micro cameras, recorders, etc. Thus, as it has become easier to have information leaked by a third party, it is essentially required to prevent leakage of information through the owner's copyright and prevention of illegal copying by inserting a watermark to the content. Also, due to various changes in equipment and change in business environment, the subject of hacking is no longer limited only to the server, but hacking may occur in personal equipments. Thus, security based on user equipment is required.